// For flags

CVE-2023-5964

1E-Exchange-DisplayMessage instruction allows for arbitrary code execution

Severity Score

7.2
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track*
*SSVC
Descriptions

The 1E-Exchange-DisplayMessageinstruction that is part of the End-User Interaction product pack available on the 1E Exchange does not properly validate the Caption or Message parameters, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions. This instruction only runs on Windows clients.

To remediate this issue DELETE the instruction “Show dialogue with caption %Caption% and message %Message%” from the list of instructions in the Settings UI, and replace it with the new instruction 1E-Exchange-ShowNotification instruction available in the updated End-User Interaction product pack. The new instruction should show as “Show %Type% type notification with header %Header% and message %Message%” with a version of 7.1 or above.

La instrucción 1E-Exchange-DisplayMessage que forma parte del paquete de productos End-User Interaction disponible en 1E Exchange no valida correctamente los parámetros Caption o Message, lo que permite una entrada especialmente manipulada para realizar la ejecución de código arbitrario con permisos del SYSTEM. Para solucionar este problema, ELIMINAR la instrucción "Mostrar diálogo con el título %Caption% y el mensaje %Message%" de la lista de instrucciones en la Interfaz de Usuario de Configuración y reemplazarla con la nueva instrucción 1E-Exchange-ShowNotification disponible en la versión final actualizada. Paquete de productos de interacción del usuario. La nueva instrucción debería mostrarse como "Mostrar notificación de tipo %Type% con encabezado %Header% y mensaje %Message%" con una versión de 7.1 o superior.

*Credits: Lockheed Martin red team
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:Track*
Exploitation
None
Automatable
No
Tech. Impact
Total
* Organization's Worst-case Scenario
Timeline
  • 2023-11-06 CVE Reserved
  • 2023-11-06 CVE Published
  • 2024-09-05 CVE Updated
  • 2024-10-18 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
  • CAPEC-248: Command Injection
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
1e
Search vendor "1e"
Platform
Search vendor "1e" for product "Platform"
< 23.0
Search vendor "1e" for product "Platform" and version " < 23.0"
-
Affected